Thanks for all Afshin ! Sorry if I miss expressed myself badly, I just want to have this thing work. I've done a idmap remove -a because I think that the problem is here.
I'll try to do what you said from the beginning ! I cannot ask AmberRoad people for the moment as there is no amber Road users on the market ;D But I've find all I need for tonight. Sorry for the IHM (French addict ;-)), I'd like to say HMI (http://en.wikipedia.org/wiki/User_interface) Thanks -----Message d'origine----- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Envoyé : mercredi 12 novembre 2008 21:07 À : Romain Chatelain Cc : cifs-discuss Objet : Re: [cifs-discuss] SunStorage 7000 Romain Chatelain wrote: > ???? > > As you can see in the attach file, I have no rules anymore ... Did you unmap your share and map again (on Windows client) after you removed the idmap rule? If you haven't done that, system will obviously use your established context which already mapped the domain user to root. Note I don't know what happens to existing established mappings on AR when you remove your rules. So, if you're still seeing root as owner after re-mapping, you might want to restart your system or ask AR people what to do to get rid of any mappings that have been established based on your previous rules. > Is there a pb in the IHM? It does not clear file correctly ? I'm afraid, I don't understand what you're talking about! Note that people on the list are usually Solaris developers not Amber Road experts. > > Ls -Vd > > amberroad# ls -Vd > drwxr-xr-x 5 root sys 180 Nov 12 13:40 . > 0:user::rwx > 1:group::r-x #effective:r-x > 2:mask:rwx > 3:other:r-x > amberroad# pwd > /export > amberroad# cd cifs > amberroad# ls -Vd > d---------+ 6 nobody other 8 Nov 12 18:54 . > user:root:rwxpd-aARWc--s:fd-----:allow > user:root:r-x---a-R-c--s:fd-----:allow > everyone@:rwxpdDaARWcCos:fdin---:allow > amberroad# > Based on this ACL, if you create a file in "cifs" directory over CIFS, you should end up with one or two entries for root and one entry for everyone. Afshin > But, I've think that I've to work on this ! > > Thanks ! > > -C > > -----Message d'origine----- > De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Envoyé : mercredi 12 novembre 2008 20:38 > À : Romain Chatelain > Cc : cifs-discuss > Objet : Re: [cifs-discuss] SunStorage 7000 > rchatelain" unixuser:root > add -d "winuser:*\\ > > You mapped rchatelain to root so naturally when you create > any file/folder with this user, the owner will be root. > > As far as the inherited ACL goes, I need to see what the > ACL looks like on the parent directory. You can post the > output of "ls -Vd" on the directory that you've created > the file. > > Afshin > > > Romain Chatelain wrote: >> Here is the result of your script >> >> I've modify some things like idmap config, cifs inheritance, etc ..., and >> I'm working on the directory based config now as you said ... but That's not >> easy ! ;D >> >> I'm a ++NetApp user/config/consultant but a little new with Amber Road. >> >> Thanks in advance ... I'm the perfect guy who need AmberRoad as a NetApp >> killer! ;-) >> >> >> -----Message d'origine----- >> De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] >> Envoyé : mercredi 12 novembre 2008 19:47 >> À : Romain Chatelain >> Cc : cifs-discuss >> Objet : Re: [cifs-discuss] SunStorage 7000 >> >> >> >> Romain Chatelain wrote: >>> Hi, >>> >>> -----Message d'origine----- >>> De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] >>> Envoyé : mercredi 12 novembre 2008 18:41 >>> À : Romain Chatelain >>> Objet : Re: [cifs-discuss] SunStorage 7000 >>> >>> >>> >>> Romain Chatelain wrote: >>>> Hi Natalie, >>>> >>>> >>>> >>>> No there are the same... >>>> >>>> >>>> >>>> -C >>>> >>>> >>>> >>>> ------------------------------------------------------------------------ >>>> >>>> *De :* [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] >>>> *Envoyé :* mercredi 12 novembre 2008 16:51 >>>> *À :* Romain Chatelain >>>> *Cc :* [email protected] >>>> *Objet :* Re: [cifs-discuss] SunStorage 7000 >>>> >>>> >>>> >>>> Does your pre-Windows 2000 domain name differ from the first label of >>>> your fully-qualified domain name? >>>> >>>> Natalie >>>> >>>> Romain Chatelain wrote: >>>> >>>> Hi, >>>> >>>> >>>> >>>> I've some issue with the amber road VM concerning CIFS so here are the >>>> issues >>>> >>>> >>>> >>>> - Iam not able to add a ADuser/ADgroup in the local administrators group >>>> in order to manage my share via the mmc windows but this thing is possible >>>> in solaris/samba... >>>> >>>> When you say local administrators group, which local administrator group >>>> are you talking about, the one on your Windows client or on Solaris >>>> system? And how are you trying to this? And what exactly do you mean by >>>> "not able"? >>> The Solaris one: >>> >>> amberroad# smbadm show -m -p administrators administrators (Members can >>> fully administer the computer/domain) >>> SID: S-1-5-32-544 >>> Privileges: >>> SeTakeOwnershipPrivilege: On >>> SeBackupPrivilege: Off >>> SeRestorePrivilege: Off >>> Members: >>> DOMAIN\rchatelain >>> DOMAIN\Administrateur >>> >>> But nothing show in the mmc in the localgroup administrators.... >>> >> This is not supported yet. >> >>>> >>>> >>>> Is it possible in opensolaris ? in amber road ? >>>> >>>> >>>> >>>> - Can we allow the previous tab in order to restore data from a snapshot ? >>>> >>>> >>>> >>>> - all files created on the shares have a Everyone access ACL, How to have >>>> my ADuser as proprietary and with his access.(look at the attached file) >>>> Sorry, but I don't quite understand your question here. >>> If I create a file with the user DOMAIN\rchatelain, my file as >>> APPLIANCE\root as owner and the rights on this file is everyone/Full >>> Control... >>> >>> But I think it should be DOMAIN\rchatelain and with some right attach to >>> this user no ? >> The owner of the file will be the connected user but you need to see >> which Solaris user this connected user is mapped to, which depends on >> your idmap setting and configuration. >> >> The ACL will be inherited from the directory that the new file/directory >> is created so it depends on the inheritance settings on the parent's >> ACL. If you're familiar with Windows then the same inheritance rules >> apply here. >> >> I need to have more information about your Solaris system configuration >> in order to be able to properly answer this question, so if you want, >> you could run the following script on your Solaris box and post the >> output: >> >> http://opensolaris.org/os/project/cifs-server/files/cifs-gendiag >> >> Afshin >> >>> Thanks >>> >>> -C >>> >>> >>> Afshin >>> >>>> >>>> >>>> If someone can help ? >>>> >>>> >>>> >>>> Thanks in advance >>>> >>>> >>>> >>>> -C >>>> >>>> >>>> >>>> >>>> >>>> ------------------------------------------------------------------------ >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> ------------------------------------------------------------------------ >>>> >>>> >>>> >>>> >>>> _______________________________________________ >>>> >>>> cifs-discuss mailing list >>>> >>>> [email protected] <mailto:[email protected]> >>>> >>>> http://mail.opensolaris.org/mailman/listinfo/cifs-discuss >>>> >>>> >>>> >>>> >>>> >>>> >>>> ------------------------------------------------------------------------ >>>> >>>> _______________________________________________ >>>> cifs-discuss mailing list >>>> [email protected] >>>> http://mail.opensolaris.org/mailman/listinfo/cifs-discuss >>>> >>>> ------------------------------------------------------------------------ >>>> _______________________________________________ cifs-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/cifs-discuss
